Linked by Thom Holwerda on Wed 12th Apr 2006 18:30 UTC
Microsoft Microsoft's dominant Internet Explorer browser has undergone a major security makeover to plug 10 vulnerabilities that puts millions at risk of PC takeover, address bar spoofing and information disclosure attacks. The monster IE update includes a fix for the 'createTextRange()' code execution flaw that caused zero-day drive-by downloads and a significant modification to the way the browser renders certain ActiveX controls. In all, Microsoft shipped five bulletins with patches for 14 different vulnerabilities in a range of Windows products. At the same time Microsoft has begun requesting that users upgrade their ME/98 machines because support ends July 11th, 2006.
Thread beginning with comment 114351
To view parent comment, click here.
To read all comments associated with this story, please click here.
kaiwai
Member since:
2005-07-06

I don't really keep up with how many patches come out per year, but I do know that things could be coded a LOT better (on MS's end of course) if you release so many patches at once, week after week.

Oh pulease, Fedora Core 5 has been out for less than 2 weeks, and there is already over 100MB worth of updates already - so please, lets not try to declare that our respective shit don't stink.

The issue shouldn't be about the updates, but ensuring that the updates are released promptly with good documentation, and correct the problem as described in the errata.

The problem isn't the mistake, but whether you acknowledge it, fix it and then learn something from it.

Reply Parent Score: 1

dylansmrjones Member since:
2005-10-02

Well, those updates are NOT security fixes NOR critical bugfixes, but merely point releases.

Microsoft do not release point releases this way, so they should not be counted in.

Reply Parent Score: 1